Lucene search

K
OracleSolaris

58 matches found

CVE
CVE
added 2014/09/27 10:55 a.m.217 views

CVE-2014-5459

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.

3.6CVSS8.6AI score0.00103EPSS
CVE
CVE
added 2015/05/27 10:59 a.m.137 views

CVE-2015-2922

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

3.3CVSS5AI score0.01716EPSS
CVE
CVE
added 2015/10/22 12:0 a.m.133 views

CVE-2015-4913

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.

3.5CVSS5.2AI score0.00508EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.121 views

CVE-2023-22003

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Succe...

3.3CVSS2.8AI score0.00069EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.116 views

CVE-2015-4861

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

3.5CVSS5.1AI score0.00476EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.114 views

CVE-2015-0499

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.

3.5CVSS4.8AI score0.00555EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.111 views

CVE-2015-0505

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

3.5CVSS4.8AI score0.00555EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.106 views

CVE-2016-0598

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

3.5CVSS5AI score0.00557EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.106 views

CVE-2016-0600

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

3.5CVSS5AI score0.00557EPSS
CVE
CVE
added 2015/01/21 3:28 p.m.105 views

CVE-2014-6568

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

3.5CVSS6.1AI score0.00286EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.103 views

CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

3.5CVSS5AI score0.00786EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.103 views

CVE-2015-4864

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

3.5CVSS4.7AI score0.00347EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.102 views

CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.

3.5CVSS5AI score0.00557EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.100 views

CVE-2015-4737

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.

3.5CVSS4.4AI score0.00243EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.100 views

CVE-2016-0606

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.

3.5CVSS5AI score0.00274EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.98 views

CVE-2015-0374

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.

3.5CVSS5.9AI score0.00186EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.95 views

CVE-2014-2430

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.

3.5CVSS3.9AI score0.00901EPSS
CVE
CVE
added 2015/10/21 9:59 p.m.92 views

CVE-2015-4807

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.

3.5CVSS5AI score0.00616EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.89 views

CVE-2013-1511

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

3.5CVSS4.3AI score0.00567EPSS
CVE
CVE
added 2014/10/15 3:55 p.m.84 views

CVE-2014-6463

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.

3.3CVSS6.1AI score0.00538EPSS
CVE
CVE
added 2014/12/16 11:59 p.m.79 views

CVE-2014-5353

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demo...

3.5CVSS6.4AI score0.00458EPSS
CVE
CVE
added 2022/01/19 12:15 p.m.73 views

CVE-2022-21298

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Install). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful a...

3.9CVSS4.1AI score0.00087EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.70 views

CVE-2015-4481

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

3.3CVSS8.5AI score0.00182EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.66 views

CVE-2021-2381

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful at...

3.9CVSS3.4AI score0.00087EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.64 views

CVE-2020-14759

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful ...

3.3CVSS3.3AI score0.00072EPSS
CVE
CVE
added 2014/05/21 2:55 p.m.60 views

CVE-2011-2198

The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@".

3.5CVSS5.9AI score0.01072EPSS
CVE
CVE
added 2010/07/13 10:30 p.m.59 views

CVE-2010-2382

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.

3.2CVSS5.5AI score0.00186EPSS
CVE
CVE
added 2010/07/13 10:30 p.m.56 views

CVE-2010-2383

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.

3.2CVSS5.7AI score0.00186EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.54 views

CVE-2017-3474

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successf...

3.3CVSS3.2AI score0.00153EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.54 views

CVE-2021-35549

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful a...

3.9CVSS3.4AI score0.00087EPSS
CVE
CVE
added 2025/04/15 9:15 p.m.51 views

CVE-2025-30700

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks req...

3.5CVSS2.7AI score0.00035EPSS
CVE
CVE
added 2015/10/21 11:59 p.m.50 views

CVE-2015-4834

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Zones.

3.7CVSS5.7AI score0.00169EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.49 views

CVE-2019-2961

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF services & legacy daemons). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Orac...

3.6CVSS3AI score0.00141EPSS
CVE
CVE
added 2016/04/21 11:0 a.m.47 views

CVE-2016-3419

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.

3.3CVSS4.7AI score0.00158EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.47 views

CVE-2020-14818

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with network access via SSH to compromise Oracle Solaris. Successful attacks require human interaction ...

3CVSS3.3AI score0.00212EPSS
CVE
CVE
added 2024/07/16 11:15 p.m.46 views

CVE-2024-21151

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successfu...

3.3CVSS2.9AI score0.00041EPSS
CVE
CVE
added 2022/10/18 9:15 p.m.45 views

CVE-2022-21610

Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful a...

3.3CVSS2.7AI score0.00116EPSS
CVE
CVE
added 2015/05/19 6:59 p.m.44 views

CVE-2015-3988

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.

3.5CVSS5.3AI score0.00411EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.44 views

CVE-2017-10095

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successfu...

3.3CVSS2.4AI score0.00148EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.44 views

CVE-2019-2807

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zones). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Orac...

3.9CVSS3.9AI score0.0006EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.44 views

CVE-2023-22128

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via rquota to compromise Oracle Solaris. Successful attacks require human...

3.1CVSS2.4AI score0.00261EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.43 views

CVE-2017-3498

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Succes...

3.3CVSS3.4AI score0.00135EPSS
CVE
CVE
added 2016/01/21 3:0 a.m.42 views

CVE-2016-0493

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via unknown vectors related to Kernel Cryptography.

3.3CVSS6.5AI score0.00087EPSS
CVE
CVE
added 2010/07/13 10:30 p.m.41 views

CVE-2010-2384

Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.

3.2CVSS5.3AI score0.00186EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.41 views

CVE-2016-5615

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.

3.3CVSS4.3AI score0.00146EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.41 views

CVE-2018-2763

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful...

3.3CVSS3.7AI score0.00072EPSS
CVE
CVE
added 2010/07/13 10:30 p.m.40 views

CVE-2010-2393

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to RPC.

3.8CVSS5.9AI score0.00058EPSS
CVE
CVE
added 2010/10/14 6:0 p.m.40 views

CVE-2010-3576

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver.

3.6CVSS5.9AI score0.00147EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.40 views

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: File Locking Services). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to c...

3.3CVSS3.5AI score0.00192EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.40 views

CVE-2020-14542

Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful a...

3.3CVSS3.5AI score0.00069EPSS
Total number of security vulnerabilities58